financial-data-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches public third‑party data (SKILL.md "获取数据" step and scripts/data_fetcher.py using yfinance, plus calls to the tushare MCP tool) and instructs the agent to read and act on that data to run analyses and generate signals/reports, so external content can materially influence decisions.